Recon 2005 - Ryan Russell _ Nicolas Brulez - Malware Analysis


Published 2005


One of the most common examples of reverse engineering is malicious code analysis. In order to clean up after a piece of malicious code and prevent further infection by it, the code must be analyzed. Such analysis is often used for generating IDS signatures, determining the exploits used (and hence which patches would be required), and writing detection modules for antivirus software. Usually, this must be done in as little time as possible.

This presentation will cover two examples of popular Windows malicious code. This will include how to unpack or decrypt it, using IDA Pro to disassemble it, and finding the most important pieces first. The speaker will demonstrate which steps to perform first, in order to perform the quickest analysis. Some knowledge of Intel assembly and Windows programming will be of benefit to attendees, but is not required. The presentation will feature a special guest to discuss packers and cryptors.

Ryan Russell, aka Blue Boar, has been employed in the IT field for nearly 20 years, specializing in information security for the last 10. He has contributed to over a dozen books on the topics of networking and security, both fiction and non-fiction. He founded the vuln-dev mailing list, was in charge of information security at Sybase for several years, and was a Senior Threat Analyst at SecurityFocus. Ryan is a frequent mailing list contributor and conference speaker. His pet projects include robotics, embedded device hacking, disassembly, and HTPCs.

Nicolas Brulez is Chief of Security for Digital River, working on the SoftwarePassport/Armadillo protection system. Nicolas specializes in anti-reverse engineering techniques to defend against software attacks. He has been active in malware research in collaboration with various anti-virus companies. He regularly writes for the French security magazine MISC and has authored a number of papers on reverse engineering. He currently teaches assembly programming and reverse engineering in French engineering schools. Nicolas has more than 7 years of experience reverse engineering on Microsoft Windows platforms.


Audio/Visual: sound, color

Contact Information: www.recon.cx
